Warning! Think Twice Before Using USB Drives

All things related to Microsoft Windows Software.
BlackSt0rm
Posts: 40
Joined: Tue Mar 22, 2016 6:23 pm
Country: South Africa
Firstname: Branagth

Warning! Think Twice Before Using USB Drives

Postby BlackSt0rm » Thu Mar 24, 2016 3:49 pm

Image

Security researchers have discovered a new data-stealing Trojan that makes special use of USB devices in order to spread itself and does not leave any trace of activity on the compromised systems.

Dubbed USB Thief ( or Win32/PSW.Stealer.NAI), the malware has the capability of stealthy attacking against air-gapped or isolated computers, warns ESET security firm.

The malware author has employed special programs to protect the USB Thief from being reproduced or copied, making it even harder to detect and reverse-engineer.

USB Thief has been designed for targeted attacks on computer systems that are isolated from the Internet, according to the ESET malware analyst Tomáš Gardoň.

The 'USB Thief' Trojan Malware

The USB Thief Trojan malware is stored either as a portable application's plugin source or as a Dynamically Linked Library (DLL) used by the portable application.

Since USB devices often store popular applications like Firefox, Notepad++ or TrueCrypt portable, once any of these applications is executed, the malware starts running in the background.

USB Thief is capable of stealing data from air-gapped systems – systems that are isolated from the Internet and other external networks.

"Well, taking into account that organizations isolate some of their systems for a good reason," explained Peter Stancik, the security evangelist at ESET. "Any tool capable of attacking these so called air-gapped systems must be regarded as dangerous."

The malware runs from a USB removable device, so it don’t leave any traces of its activities, and thus, victims do not even notice that their data had been stolen.

Since the malware is bound to a single USB device, it prevents USB Thief from leaking from the infected computers.

Besides this, USB Thief utilizes a sophisticated implementation of multi-staged encryption that makes the malware harder to detect and analyse.

"This is not a very common way to trick users, but very dangerous," Stancik said. "People should understand the risks associated with USB storage devices obtained from sources that may not be trustworthy."


Here's How you can Protect from being Infected:
  • Do not use USB storage devices from non-trustworthy sources.
  • Turn off Autorun
  • Regularly backup your data

More technical details are available on ESET Ireland’s official blog.

Source:

Code: Select all

http://thehackernews.com/2016/03/usb-drive-malware.html
Is there any other kind of St0rm than Black?

Return to “Windows”

Who is online

Users browsing this forum: No registered users and 2 guests